54847 matches found
CVE-2025-59702
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with elevated privileges to falsify tamper events by accessing internal components...
qt6-qtsvg security update
An update is available for qt6-qtsvg. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Scalable Vector Graphics SVG is an XML-based language for describing...
Use of Incorrectly-Resolved Name or Reference
Overview strands-agents is an A model-driven approach to building AI agents in just a few lines of code Affected versions of this package are vulnerable to Use of Incorrectly-Resolved Name or Reference via dynamic tool module registration in ToolLoader. The loadtoolsfromfilepath and loadpythontoo...
CVE-2025-13804
A security flaw has been discovered in nutzam NutzBoot up to 2.6.0-SNAPSHOT. The impacted element is an unknown function of the file nutzboot-demo/nutzboot-demo-simple/nutzboot-demo-simple-web3j/src/main/java/io/nutz/demo/simple/module/EthModule.java of the component Ethereum Wallet Handler...
PT-2025-48627
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803...
PT-2025-48736
SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...
PT-2025-48693
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to modify or erase tamper events via the Chassis management board...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker with elevated privileges can read and write the contents of an unencrypted Appliance SSD...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from a physical neighbor attacker with elevated privileges who can forge tamper events...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from physical proximity where an attacker can boot from a USB device to elevate privileges...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in the Entrust nShield Connect XC that originates from a physical neighbor attacker having untraceable access to internal components of the device...
CVE-2025-59699
Entrust nShield Connect XC (up to 13.6.11), nShield 5c (up to 13.6.11), and nShield HSMi (up to 13.6.11) and nShield Connect XC/HSMi 13.7 are affected by CVE-2025-59699. A physically proximate attacker can escalate privileges by booting from a USB device containing a valid root filesystem, due to...
Singularity 安全漏洞
Singularity is an open source container platform open sourced by Sylabs Inc. A security vulnerability exists in singularity that stems from a possible redirection of an LSM tag write operation, which could lead to the failure of security restrictions...
Entrust nShield Connect XC 安全漏洞
Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates in a physical neighbor attacker who can enable the USB port by inserting a chassis probe to elevate privileges during system...
RHEL 10 : qt6-qtsvg (RHSA-2025:22393)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22393 advisory. Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and...
CLSA-2025-1764614196 tpm2-tools: Fix of CVE-2024-29039
CVE-2024-29039: add comparison of pcr selection to prevent misleading picture of the TPM state...
Linux Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell. Module Options msf use payload/linux/riscv32le/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show options ...show and set options... msf...
AZL-71275 CVE-2025-13837 affecting package python3 3.9.19-19
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...
CVE-2025-13837
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...
CVE-2025-26858
A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability...